Implementing information security in healthcare : building a security program
edited by Terrell W. Herzig, Tom Walsh, Lisa A. Gallagher
- Chicago, IL : HIMSS, c2013.
- xviii, 294 p. : ill. ; 26 cm.
The importance of information security in healthcare -- Information security frameworks -- Information security planning -- Risk analysis -- Senior management oversight and involvement -- Information security regulations -- Security policy development -- The concept of security controls -- Access control -- Network security -- Use of encryption -- Managing mobile devices -- Application security -- Information security operations -- Security considerations in technology contracting -- Business continuity and disaster recovery -- Change control and change management -- Testing your technical controls -- Auditing your program -- Incident handling -- Information systems implementation.
Implementing Information Security in Healthcare: Building a Security Program offers a critical and comprehensive look at healthcare security concerns in an era of powerful computer technology, increased mobility, and complex regulations designed to protect personal information. Featuring perspectives from more than two dozen security experts, the book explores the tools and policies healthcare organizations need to build an effective and compliant security program. Topics include information security frameworks, risk analysis, senior management oversight and involvement, regulations, security policy development, access control, network security, encryption, mobile device management, disaster recovery, and more. Information security is a concept that has never been more important to healthcare as it is today. Special features include appendices outlining potential impacts of security objectives, technical security features by regulatory bodies (FISMA, HIPAA, PCI DSS and ISO 27000), common technical security features, and a sample risk rating chart.
9781938904349 1938904346
2014395656
Medical care--Security measures Medical informatics--Management Information storage and retrieval systems--Medicine--Management Medical records--Electronic information resources Computer security Information networks--Security measures Hospital Administration Safety Management Security Measures Medical Informatics